Details of VAR-201512-0122

ID

VAR-201512-0122

CVE

CVE-2015-7096

TITLE

Apple iOS Used in etc. WebKit Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2015-006327

DESCRIPTION

WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. Apple iOS , Safari ,and tvOS Used in etc. WebKit is prone to multiple unspecified memory-corruption vulnerabilities. An attacker may exploit these issues by enticing victims into viewing a malicious web page. Successful exploits may allow attackers to execute arbitrary code in the context of the affected browser or cause denial-of-service conditions; other attacks may also be possible. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. A security vulnerability exists in WebKit of several Apple products. The following products and versions are affected: Apple iOS 9.1 and earlier, Safari 9.0.1 and earlier, tvOS 9.0 and earlier. CVE-ID CVE-2015-7050 : Luke Li and Jonathan Metzman -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWa0HxAAoJEBcWfLTuOo7tL3sP/3IMYdGz6mTS98t6/aMJx8Ew okyR8nBT2M3ALNVxTJeVxRbHc11f75x9DVJMV4Q291MRqeX3b7wHBcvoizmOM66c bWNIqRdIYVub+WWwljBuzdsPIT0d9NlY8Htz9dbwtWmTPACYNKYr9ZUO1T9ntSer WCEBRql2VlpOpr12FfpRc2I52BisIF1pVm24QmsVfgJM156lWxFAjC+i6ESOeBnd waL4T5aw7+mZuoIbUSQvVsjEo2ay5wglAvPhYDlwpEMEY+w0U0E077qr/6LiLf9B MtxIz6i/rtPD4Ak+rKLdAbAGah0nWvVPomo4KI+xS+kxlmxEQY2Q7dUzDpCmviho ZMEgjoEFAouUa+mQC0w+CSxMyO5MS5ZDoZo14DHfkB978DDBjW88xAky4Row5gjX 97ZJ/+933eYqrcNLjc74CNoTDHw22YQ9bys05qJ2FovoTu0s+qsVWhx5tEehxJLr RTvBfc/49JNTracvb/uK7ShbUc9u6qj9g5tHCgLqU6KwFj/vafF5d/lQph4gz6NQ 2xAxKCQjzS6Hqalj0xjmw51b2rxZXjXW2Q4itRa+BVbG8Eb8Frp5yzj5h/m/pS5/ 5/yMR9vYDYXN8psVrSSPhFtpCz0jloeAWsSJk5nM+ReH4sUwRyS3dV7ONfyDxtvo jIfn9cPnOmCwLLCZl2E9 =eKwE -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201706-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebKitGTK+: Multiple vulnerabilities Date: June 07, 2017 Bugs: #543650, #573656, #577068, #608958, #614876, #619788 ID: 201706-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebKitGTK+, the worst of which allows remote attackers to execute arbitrary code. Background ========== WebKitGTK+ is a full-featured port of the WebKit rendering engine. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.16.3 >= 2.16.3 Description =========== Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebKitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.16.3:4" References ========== [ 1 ] CVE-2015-2330 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2330 [ 2 ] CVE-2015-7096 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7096 [ 3 ] CVE-2015-7098 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7098 [ 4 ] CVE-2016-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1723 [ 5 ] CVE-2016-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1724 [ 6 ] CVE-2016-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1725 [ 7 ] CVE-2016-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1726 [ 8 ] CVE-2016-1727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1727 [ 9 ] CVE-2016-1728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1728 [ 10 ] CVE-2016-4692 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4692 [ 11 ] CVE-2016-4743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4743 [ 12 ] CVE-2016-7586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7586 [ 13 ] CVE-2016-7587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7587 [ 14 ] CVE-2016-7589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7589 [ 15 ] CVE-2016-7592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7592 [ 16 ] CVE-2016-7598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7598 [ 17 ] CVE-2016-7599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7599 [ 18 ] CVE-2016-7610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7610 [ 19 ] CVE-2016-7611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7611 [ 20 ] CVE-2016-7623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7623 [ 21 ] CVE-2016-7632 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7632 [ 22 ] CVE-2016-7635 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7635 [ 23 ] CVE-2016-7639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7639 [ 24 ] CVE-2016-7640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7640 [ 25 ] CVE-2016-7641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7641 [ 26 ] CVE-2016-7642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7642 [ 27 ] CVE-2016-7645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7645 [ 28 ] CVE-2016-7646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7646 [ 29 ] CVE-2016-7648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7648 [ 30 ] CVE-2016-7649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7649 [ 31 ] CVE-2016-7652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7652 [ 32 ] CVE-2016-7654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7654 [ 33 ] CVE-2016-7656 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7656 [ 34 ] CVE-2016-9642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9642 [ 35 ] CVE-2016-9643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9643 [ 36 ] CVE-2017-2350 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2350 [ 37 ] CVE-2017-2354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2354 [ 38 ] CVE-2017-2355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2355 [ 39 ] CVE-2017-2356 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2356 [ 40 ] CVE-2017-2362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2362 [ 41 ] CVE-2017-2363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2363 [ 42 ] CVE-2017-2364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2364 [ 43 ] CVE-2017-2365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2365 [ 44 ] CVE-2017-2366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2366 [ 45 ] CVE-2017-2367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2367 [ 46 ] CVE-2017-2369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2369 [ 47 ] CVE-2017-2371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2371 [ 48 ] CVE-2017-2373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2373 [ 49 ] CVE-2017-2376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2376 [ 50 ] CVE-2017-2377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2377 [ 51 ] CVE-2017-2386 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2386 [ 52 ] CVE-2017-2392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2392 [ 53 ] CVE-2017-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2394 [ 54 ] CVE-2017-2395 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2395 [ 55 ] CVE-2017-2396 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2396 [ 56 ] CVE-2017-2405 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2405 [ 57 ] CVE-2017-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2415 [ 58 ] CVE-2017-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2419 [ 59 ] CVE-2017-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2433 [ 60 ] CVE-2017-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2442 [ 61 ] CVE-2017-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2445 [ 62 ] CVE-2017-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2446 [ 63 ] CVE-2017-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2447 [ 64 ] CVE-2017-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2454 [ 65 ] CVE-2017-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2455 [ 66 ] CVE-2017-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2457 [ 67 ] CVE-2017-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2459 [ 68 ] CVE-2017-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2460 [ 69 ] CVE-2017-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2464 [ 70 ] CVE-2017-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2465 [ 71 ] CVE-2017-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2466 [ 72 ] CVE-2017-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2468 [ 73 ] CVE-2017-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2469 [ 74 ] CVE-2017-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2470 [ 75 ] CVE-2017-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2471 [ 76 ] CVE-2017-2475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2475 [ 77 ] CVE-2017-2476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2476 [ 78 ] CVE-2017-2481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2481 [ 79 ] CVE-2017-2496 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2496 [ 80 ] CVE-2017-2504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2504 [ 81 ] CVE-2017-2505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2505 [ 82 ] CVE-2017-2506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2506 [ 83 ] CVE-2017-2508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2508 [ 84 ] CVE-2017-2510 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2510 [ 85 ] CVE-2017-2514 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2514 [ 86 ] CVE-2017-2515 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2515 [ 87 ] CVE-2017-2521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2521 [ 88 ] CVE-2017-2525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2525 [ 89 ] CVE-2017-2526 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2526 [ 90 ] CVE-2017-2528 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2528 [ 91 ] CVE-2017-2530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2530 [ 92 ] CVE-2017-2531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2531 [ 93 ] CVE-2017-2536 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2536 [ 94 ] CVE-2017-2539 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2539 [ 95 ] CVE-2017-2544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2544 [ 96 ] CVE-2017-2547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2547 [ 97 ] CVE-2017-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2549 [ 98 ] CVE-2017-6980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6980 [ 99 ] CVE-2017-6984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6984 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201706-15 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 --NcNxMnppmhackEL27c23XhPLDAAQ7GQcq-- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-08-5 Safari 9.0.2 Safari 9.0.2 is now available and addresses the following: WebKit Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7048 : Apple CVE-2015-7095 : Apple CVE-2015-7096 : Apple CVE-2015-7097 : Apple CVE-2015-7098 : Apple CVE-2015-7099 : Apple CVE-2015-7100 : Apple CVE-2015-7101 : Apple CVE-2015-7102 : Apple CVE-2015-7103 : Apple CVE-2015-7104 : Apple WebKit Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan 10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may reveal a user's browsing history Description: An insufficient input validation issue existed in content blocking. This issue was addressed through improved content extension parsing. CVE-ID CVE-2015-7050 : Luke Li and Jonathan Metzman Installation note: Safari 9.0.2 may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWZzRXAAoJEBcWfLTuOo7tp/kP/1QG495DAo4BKcJwr5oHxeK+ V0cld44Ot1F9+m8Pd2Il5kkE2mxEGnvOdtEQM0mOT80qfdTVi9zD4ypnFWkBcob1 tV0hEa7/LxMe1OtDMeeNM+qW22Ap6RO8o7v6mCzdn72ds0xSmiPFGuQ1RiRflKRj MjU+k61a3oEe2/rkvbBfuDSIm+4yZo1PjTDI02UoD5JC2nJ0Dlk6978hF6lLSrCv 28UR0i6NijI3Wa2Uq3gSA+qY9bo02sC1XOEveTfftLUfl1QOID0VZGHHnrao4mfx LpxYJR2XJpTvNs1x3lCOcTYWJr4Ju99/ZFkHneAj2OQEvOhP/CHuqUmUglHW9UMW CwQKAVZD242e6qPUu0xaW/nH4dQHbridWPWR3MfwiFj6Vbzc3Wpc+tx7LGdlFuhG 9/goo4MMI7QFdxFXD3bbcOhYRi6DbqJUSxTvWfpC2sssFmZ/N5kmr0w2ccXMUAGc Ez2M8Wm+gVYlCeBMS3rtPkxVcayzHZnxhj+3Fa7Qh3FAY9NdnJ/UA6xJdPrQvTpd DJsQUIK9Ung2c1D3kGGN6QgnUCgL3CtZ7RCSgPD8Zqs4q6Zhuwq6uquC3EDIZO2y HgMF1dRKihaXV5URz9IXfQAHQvbR1PD5e/KuL32bEtXwE0Oxocp1jTrIeIrW71JZ 2qcwUzBx5TzaQfLl+Rk1 =7iMd -----END PGP SIGNATURE----- . ------------------------------------------------------------------------ WebKitGTK+ Security Advisory WSA-2016-0001 ------------------------------------------------------------------------ Date reported : February 01, 2016 Advisory ID : WSA-2016-0001 Advisory URL : http://webkitgtk.org/security/WSA-2016-0001.html CVE identifiers : CVE-2015-7096, CVE-2015-7098. Several vulnerabilities were discovered on WebKitGTK+. CVE-2015-7096 Versions affected: WebKitGTK+ before 2.10.5. Credit to Apple. CVE-2015-7098 Versions affected: WebKitGTK+ before 2.10.5. Credit to Apple. We recommend updating to the last stable version of WebKitGTK+. It is the best way of ensuring that you are running a safe version of WebKitGTK+. Please check our website for information about the last stable releases. Further information about WebKitGTK+ Security Advisories can be found at: http://webkitgtk.org/security.html The WebKitGTK+ team, February 01, 2016

Trust: 2.34

sources: NVD: CVE-2015-7096 // JVNDB: JVNDB-2015-006327 // BID: 78720 // VULHUB: VHN-85057 // PACKETSTORM: 134792 // PACKETSTORM: 142825 // PACKETSTORM: 134746 // PACKETSTORM: 135568

AFFECTED PRODUCTS

vendor:	apple	model:	safari	scope:	lte	version:	9.0.1	Trust: 1.0
vendor:	apple	model:	tvos	scope:	lte	version:	9.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lte	version:	9.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	9.0.1	Trust: 0.9
vendor:	apple	model:	ios	scope:	lt	version:	9.2 (ipad 2 or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	9.2 (iphone 4s or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	9.2 (ipod touch first 5 after generation )	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	9.0.2 (os x el capitan v10.11 and v10.11.1)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	9.0.2 (os x mavericks v10.9.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	9.0.2 (os x yosemite v10.10.5)	Trust: 0.8
vendor:	apple	model:	tvos	scope:	lt	version:	9.1 (apple tv first 4 generation )	Trust: 0.8
vendor:	apple	model:	iphone os	scope:	eq	version:	9.1	Trust: 0.6
vendor:	apple	model:	tv	scope:	eq	version:	9.0	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	30	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.4.4	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.4.0.80	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.6	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	8.0.2.20	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	4.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.8	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.4.1.10	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.0.1.8	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	8.0	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.2	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.4.8	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.1.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.8	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.31	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.1.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.1.3	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	7.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	ne	version:	9.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.3	Trust: 0.3
vendor:	apple	model:	itunes	scope:	ne	version:	12.3.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.1.1.4	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.6.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.4	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.6.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.3.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	12.2	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.7.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	5.0	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.1.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.1.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	8.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.1.1	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.8.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.5	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	6.0.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.10	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.5	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	6.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0	Trust: 0.3
vendor:	esignal	model:	esignal	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.1.5	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.5.2	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	40	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.7.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.4	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	7.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	4.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2	Trust: 0.3
vendor:	apple	model:	tvos	scope:	ne	version:	9.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.6	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	7.3.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	4.7.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.0.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.4	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.8.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.5.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	2.0.2	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.8	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.1.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	12.3	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.6.3	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	6.0.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.5	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.6.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.34	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.7.4	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.4	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	8.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.4.6	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	50	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.9	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.2.2.12	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.5	Trust: 0.3
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.5.1.42	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	2.0.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	12.0.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.5	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.3	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.1	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.4.7	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.6.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	2.0.4	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.7.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.8	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	ne	version:	9.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.52	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.6.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	6.0.5	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	2.0.4419.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.31	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.28	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.3.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	4.8	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.1.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.1	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.4.3	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.0.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.5.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	2.0.3	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	ne	version:	2.10	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.1.4	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.1	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.6.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.7	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.3	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.4.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.6	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.7	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	12.3.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.3	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.33	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.4	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.0.3	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.0.0.163	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.8	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	7.3.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	4.7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.30	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.10	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.6.1.7	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.7	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.2.3	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.4.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.3.1	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.6.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.2	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.8.4	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.4	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	the	model:	webkitgtk+ team webkitgtk+	scope:	eq	version:	2.4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.0	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.1	Trust: 0.3

sources: BID: 78720 // JVNDB: JVNDB-2015-006327 // CNNVD: CNNVD-201512-376 // NVD: CVE-2015-7096

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-7096
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-7096
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201512-376
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-85057
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-7096
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-85057
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-85057 // JVNDB: JVNDB-2015-006327 // CNNVD: CNNVD-201512-376 // NVD: CVE-2015-7096

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-85057 // JVNDB: JVNDB-2015-006327 // NVD: CVE-2015-7096

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 142825 // CNNVD: CNNVD-201512-376

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201512-376

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-006327

PATCH

title:	Apple security updates	url:	https://support.apple.com/en-us/HT201222	Trust: 0.8
title:	APPLE-SA-2015-12-08-1 iOS 9.2	url:	http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html	Trust: 0.8
title:	APPLE-SA-2015-12-08-2 tvOS 9.1	url:	http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html	Trust: 0.8
title:	APPLE-SA-2015-12-08-5 Safari 9.0.2	url:	http://lists.apple.com/archives/security-announce/2015/Dec/msg00003.html	Trust: 0.8
title:	HT205635	url:	https://support.apple.com/en-us/HT205635	Trust: 0.8
title:	HT205640	url:	https://support.apple.com/en-us/HT205640	Trust: 0.8
title:	HT205639	url:	https://support.apple.com/en-us/HT205639	Trust: 0.8
title:	HT205639	url:	http://support.apple.com/ja-jp/HT205639	Trust: 0.8
title:	HT205635	url:	http://support.apple.com/ja-jp/HT205635	Trust: 0.8
title:	HT205640	url:	http://support.apple.com/ja-jp/HT205640	Trust: 0.8
title:	Multiple Apple product WebKit Buffer Overflow Vulnerability Fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59194	Trust: 0.6

sources: JVNDB: JVNDB-2015-006327 // CNNVD: CNNVD-201512-376

EXTERNAL IDS

db:	NVD	id:	CVE-2015-7096	Trust: 3.2
db:	BID	id:	78720	Trust: 2.0
db:	SECTRACK	id:	1034341	Trust: 1.7
db:	JVN	id:	JVNVU97526033	Trust: 0.8
db:	JVNDB	id:	JVNDB-2015-006327	Trust: 0.8
db:	CNNVD	id:	CNNVD-201512-376	Trust: 0.7
db:	PACKETSTORM	id:	135568	Trust: 0.2
db:	VULHUB	id:	VHN-85057	Trust: 0.1
db:	PACKETSTORM	id:	134792	Trust: 0.1
db:	PACKETSTORM	id:	142825	Trust: 0.1
db:	PACKETSTORM	id:	134746	Trust: 0.1

sources: VULHUB: VHN-85057 // BID: 78720 // JVNDB: JVNDB-2015-006327 // PACKETSTORM: 134792 // PACKETSTORM: 142825 // PACKETSTORM: 134746 // PACKETSTORM: 135568 // CNNVD: CNNVD-201512-376 // NVD: CVE-2015-7096

REFERENCES

url:	https://security.gentoo.org/glsa/201706-15	Trust: 1.8
url:	http://lists.apple.com/archives/security-announce/2015/dec/msg00000.html	Trust: 1.7
url:	http://lists.apple.com/archives/security-announce/2015/dec/msg00001.html	Trust: 1.7
url:	http://lists.apple.com/archives/security-announce/2015/dec/msg00003.html	Trust: 1.7
url:	http://www.securityfocus.com/bid/78720	Trust: 1.7
url:	https://support.apple.com/ht205635	Trust: 1.7
url:	https://support.apple.com/ht205639	Trust: 1.7
url:	https://support.apple.com/ht205640	Trust: 1.7
url:	https://support.apple.com/kb/ht205636	Trust: 1.7
url:	http://www.securitytracker.com/id/1034341	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7096	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu97526033/	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7096	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2015-7098	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2015-7096	Trust: 0.4
url:	https://www.apple.com/	Trust: 0.3
url:	http://www.webkit.org/	Trust: 0.3
url:	http://webkitgtk.org/security/wsa-2015-0002.html	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2015-7100	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-7095	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-7050	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-7097	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-7102	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-7103	Trust: 0.2
url:	https://gpgtools.org	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-7104	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-7099	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-7101	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-7048	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7096	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2394	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7652	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2363	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2457	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2386	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7587	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2350	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2366	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7589	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2466	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2475	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7586	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7654	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2442	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7646	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7586	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7641	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2367	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1724	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7599	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2373	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2530	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2459	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7611	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7598	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7611	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2465	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-6980	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1725	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1727	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2454	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2455	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1727	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7656	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2544	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2354	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-9643	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4692	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2447	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2377	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2464	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7632	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1728	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2470	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7648	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2365	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2506	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7646	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1728	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7589	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7587	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2549	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2471	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2526	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7639	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1726	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4743	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7598	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2514	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2515	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2521	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7641	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2539	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2369	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7632	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7640	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1724	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2460	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2371	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7623	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2419	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2481	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7635	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7645	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2364	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2469	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7642	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1725	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2468	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7645	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2505	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2510	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1723	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7610	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-6984	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7610	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2330	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4692	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2547	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2476	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2376	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7640	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1723	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2405	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2395	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7639	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2362	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7599	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2396	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7649	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2525	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2433	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7098	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-9642	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2445	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2356	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7623	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2504	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2508	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2531	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2528	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4743	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7635	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2496	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7642	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1726	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2392	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2446	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2355	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7592	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2536	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-2330	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7592	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2415	Trust: 0.1
url:	https://support.apple.com/kb/ht201222	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	http://webkitgtk.org/security.html	Trust: 0.1
url:	http://webkitgtk.org/security/wsa-2016-0001.html	Trust: 0.1

CREDITS

Apple

Trust: 0.5

sources: BID: 78720 // PACKETSTORM: 134792 // PACKETSTORM: 134746

SOURCES

db:	VULHUB	id:	VHN-85057
db:	BID	id:	78720
db:	JVNDB	id:	JVNDB-2015-006327
db:	PACKETSTORM	id:	134792
db:	PACKETSTORM	id:	142825
db:	PACKETSTORM	id:	134746
db:	PACKETSTORM	id:	135568
db:	CNNVD	id:	CNNVD-201512-376
db:	NVD	id:	CVE-2015-7096

LAST UPDATE DATE

2025-04-13T22:10:22.548000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-85057	date:	2019-03-08T00:00:00
db:	BID	id:	78720	date:	2017-06-08T08:02:00
db:	JVNDB	id:	JVNDB-2015-006327	date:	2015-12-15T00:00:00
db:	CNNVD	id:	CNNVD-201512-376	date:	2019-03-13T00:00:00
db:	NVD	id:	CVE-2015-7096	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-85057	date:	2015-12-11T00:00:00
db:	BID	id:	78720	date:	2015-12-08T00:00:00
db:	JVNDB	id:	JVNDB-2015-006327	date:	2015-12-15T00:00:00
db:	PACKETSTORM	id:	134792	date:	2015-12-12T18:22:22
db:	PACKETSTORM	id:	142825	date:	2017-06-07T14:18:30
db:	PACKETSTORM	id:	134746	date:	2015-12-10T17:09:58
db:	PACKETSTORM	id:	135568	date:	2016-02-02T17:04:36
db:	CNNVD	id:	CNNVD-201512-376	date:	2015-12-14T00:00:00
db:	NVD	id:	CVE-2015-7096	date:	2015-12-11T11:59:53.567